Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/14fa9b-a8d1-4781-8deb-9e464499f4fc/1/0UpjkfAXyr9qzKoK3gD0UMjcASc.roa
File: 0UpjkfAXyr9qzKoK3gD0UMjcASc.roa (raw, json)
Hash identifier: WVmuxu5iKYmQ63At02JKBdDwk33o2GnJ4pHMmrj/CjM=
Subject key identifier: D1:4A:63:91:F0:17:CA:BF:6A:CC:AA:0A:DE:00:F4:50:C8:DC:01:27
Certificate issuer: /CN=db7153bbb3ea9ed9ceb803e6e7f192aabd9ada34
Certificate serial: 018338CC32E9862A73E36B20A5D64FB12D98
Authority key identifier: DB:71:53:BB:B3:EA:9E:D9:CE:B8:03:E6:E7:F1:92:AA:BD:9A:DA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23FTu7PqntnOuAPm5_GSqr2a2jQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/14fa9b-a8d1-4781-8deb-9e464499f4fc/1/0UpjkfAXyr9qzKoK3gD0UMjcASc.roa
Signing time: Tue 13 Sep 2022 21:40:49 +0000
ROA not before: Tue 13 Sep 2022 21:40:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60449
IP address blocks: 185.1.251.0/24 maxlen: 24
2001:7f8:132::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:38:cc:32:e9:86:2a:73:e3:6b:20:a5:d6:4f:b1:2d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db7153bbb3ea9ed9ceb803e6e7f192aabd9ada34
Validity
Not Before: Sep 13 21:40:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d14a6391f017cabf6accaa0ade00f450c8dc0127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:ac:57:68:b3:f5:06:27:69:10:da:6b:04:
39:7b:08:e1:30:9d:c1:d9:93:88:60:12:da:17:e8:
44:d2:63:ba:24:4b:36:a3:6d:bc:f4:ad:c0:53:a4:
43:1f:b6:db:12:d9:ea:61:81:82:d8:de:a0:eb:1c:
61:30:dc:68:de:8e:e0:95:e7:64:6f:9d:16:86:7d:
35:1f:ab:0e:4b:fa:c9:05:02:ce:31:7a:25:e1:e5:
67:4f:82:ad:03:19:41:c9:17:54:ba:30:53:16:d5:
f0:39:fc:9d:72:ef:08:42:d4:1a:38:67:28:0f:0f:
ef:21:8b:55:51:35:34:74:1a:53:96:fb:42:7a:e6:
1b:d0:53:38:78:44:3b:9c:9d:af:b8:60:5e:ac:89:
9a:4f:e5:0e:66:59:81:1c:fd:81:9d:36:15:e4:11:
ec:e1:fc:0f:ce:74:e4:c6:ce:25:be:34:87:b3:5e:
ad:0f:02:88:24:3b:2c:b8:a7:4b:fb:29:05:97:48:
c3:af:9e:00:1f:87:f3:74:25:0f:1c:1f:c6:3e:ff:
44:37:e7:43:34:45:35:0b:00:4a:24:72:4d:51:c9:
0e:a4:e5:42:83:de:e6:c3:6a:b5:1c:e1:77:f5:dd:
35:2d:6f:51:0a:54:80:0c:36:7c:49:b5:76:90:3e:
7e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4A:63:91:F0:17:CA:BF:6A:CC:AA:0A:DE:00:F4:50:C8:DC:01:27
X509v3 Authority Key Identifier:
keyid:DB:71:53:BB:B3:EA:9E:D9:CE:B8:03:E6:E7:F1:92:AA:BD:9A:DA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23FTu7PqntnOuAPm5_GSqr2a2jQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/14fa9b-a8d1-4781-8deb-9e464499f4fc/1/0UpjkfAXyr9qzKoK3gD0UMjcASc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/14fa9b-a8d1-4781-8deb-9e464499f4fc/1/23FTu7PqntnOuAPm5_GSqr2a2jQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.251.0/24
IPv6:
2001:7f8:132::/48
Signature Algorithm: sha256WithRSAEncryption
19:8d:d8:31:bd:8b:4b:51:44:c8:01:0e:f9:76:4c:0a:6f:64:
3f:16:4a:74:fe:5f:79:2a:fc:05:74:8b:f5:d8:85:e5:d8:61:
93:99:fa:0a:f9:c5:eb:c0:dd:dc:0e:46:94:aa:30:74:80:f7:
bd:9c:fd:d6:cf:03:ec:3c:b2:d0:68:e7:0f:f3:15:00:db:22:
93:b6:86:16:22:c7:8c:a7:ee:a8:92:66:61:85:15:f8:bc:53:
05:c0:81:b4:c4:b7:94:07:c5:77:07:5d:91:fb:45:87:ef:e0:
1f:d0:0d:92:59:99:cf:2d:59:6b:8e:cb:e6:59:09:a3:2e:13:
c5:08:89:b2:88:69:a3:91:f3:5c:ff:4d:a5:1c:ae:64:b2:5c:
4f:15:5f:ca:90:d8:03:57:ea:e6:db:0d:10:5b:40:41:de:77:
12:e0:31:80:2c:1e:aa:71:9e:5a:48:c5:42:20:95:d7:d1:6e:
5a:09:5a:a5:8f:58:c0:a7:fb:e7:af:b5:76:5c:49:9c:39:c9:
6c:d5:c7:8f:e8:fd:56:2c:d1:7a:a1:c7:7e:3f:08:a4:08:41:
6a:76:a8:ba:ed:6f:f1:76:f2:b4:8c:1b:7b:17:27:4f:25:63:
ce:34:71:46:7b:71:39:09:53:eb:fa:10:3f:12:fd:5e:a2:fe:
dd:f2:b6:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYM4zDLphipz42sgpdZPsS2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzE1M2JiYjNlYTllZDljZWI4MDNlNmU3ZjE5MmFhYmQ5
YWRhMzQwHhcNMjIwOTEzMjE0MDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRhNjM5MWYwMTdjYWJmNmFjY2FhMGFkZTAwZjQ1MGM4ZGMwMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfOsV2iz9QYnaRDaawQ5ewjhMJ3B
2ZOIYBLaF+hE0mO6JEs2o2289K3AU6RDH7bbEtnqYYGC2N6g6xxhMNxo3o7gledk
b50Whn01H6sOS/rJBQLOMXol4eVnT4KtAxlByRdUujBTFtXwOfydcu8IQtQaOGco
Dw/vIYtVUTU0dBpTlvtCeuYb0FM4eEQ7nJ2vuGBerImaT+UOZlmBHP2BnTYV5BHs
4fwPznTkxs4lvjSHs16tDwKIJDssuKdL+ykFl0jDr54AH4fzdCUPHB/GPv9EN+dD
NEU1CwBKJHJNUckOpOVCg97mw2q1HOF39d01LW9RClSADDZ8SbV2kD5++QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNFKY5HwF8q/asyqCt4A9FDI3AEnMB8GA1UdIwQY
MBaAFNtxU7uz6p7ZzrgD5ufxkqq9mto0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNGVHU3UHFudG5PdUFQbTVfR1NxcjJhMmpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8xNGZhOWItYThkMS00NzgxLThkZWIt
OWU0NjQ0OTlmNGZjLzEvMFVwamtmQVh5cjlxektvSzNnRDBVTWpjQVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8xNGZhOWItYThkMS00NzgxLThkZWItOWU0NjQ0OTlmNGZj
LzEvMjNGVHU3UHFudG5PdUFQbTVfR1NxcjJhMmpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQH7MA8E
AgACMAkDBwAgAQf4ATIwDQYJKoZIhvcNAQELBQADggEBABmN2DG9i0tRRMgBDvl2
TApvZD8WSnT+X3kq/AV0i/XYheXYYZOZ+gr5xevA3dwORpSqMHSA972c/dbPA+w8
stBo5w/zFQDbIpO2hhYix4yn7qiSZmGFFfi8UwXAgbTEt5QHxXcHXZH7RYfv4B/Q
DZJZmc8tWWuOy+ZZCaMuE8UIibKIaaOR81z/TaUcrmSyXE8VX8qQ2ANX6ubbDRBb
QEHedxLgMYAsHqpxnlpIxUIgldfRbloJWqWPWMCn++evtXZcSZw5yWzVx4/o/VYs
0Xqhx34/CKQIQWp2qLrtb/F28rSMG3sXJ08lY840cUZ7cTkJU+v6ED8S/V6i/t3y
tgg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:55 2024 by rpki-client on console-fra.rpki-client.org